



<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=2">
<meta name="theme-color" content="#FFF">
  <link rel="apple-touch-icon" sizes="180x180" href="/imageshttps:/cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main/blog-img/7b8cfd64db3c412194fc64cb710e594b.jpeg">

<link rel="icon" type="image/ico" sizes="32x32" href="/images/favicon.ico">
  <meta http-equiv="Cache-Control" content="no-transform">
  <meta http-equiv="Cache-Control" content="no-siteapp">


<link rel="alternate" type="application/rss+xml" title="Canary's Blog" href="https://zephyr-cyber.github.io.git/rss.xml" />
<link rel="alternate" type="application/atom+xml" title="Canary's Blog" href="https://zephyr-cyber.github.io.git/atom.xml" />
<link rel="alternate" type="application/json" title="Canary's Blog" href="https://zephyr-cyber.github.io.git/feed.json" />
<link rel="alternate" type="application/json" title="Canary's Blog" href="https://cdn.jsdelivr.net/npm/font-awesome/css/font-awesome.min.css" />
<script src="/js/live2d-widget/autoload.js?v=0.2.5"></script>

<link rel="stylesheet" href="//fonts.googleapis.com/css?family=Mulish:300,300italic,400,400italic,700,700italic%7CFredericka%20the%20Great:300,300italic,400,400italic,700,700italic%7CNoto%20Serif%20JP:300,300italic,400,400italic,700,700italic%7CNoto%20Serif%20SC:300,300italic,400,400italic,700,700italic%7CInconsolata:300,300italic,400,400italic,700,700italic&display=swap&subset=latin,latin-ext">

<link rel="stylesheet" href="/css/app.css?v=0.2.5">

  

<link rel="canonical" href="https://zephyr-cyber.github.io.git/">



  <title>Canary = Canary's Blog</title>
<meta name="generator" content="Hexo 5.4.0"></head>
<body itemscope itemtype="http://schema.org/WebPage">
  <div id="loading">
    <div class="cat">
      <div class="body"></div>
      <div class="head">
        <div class="face"></div>
      </div>
      <div class="foot">
        <div class="tummy-end"></div>
        <div class="bottom"></div>
        <div class="legs left"></div>
        <div class="legs right"></div>
      </div>
      <div class="paw">
        <div class="hands left"></div>
        <div class="hands right"></div>
      </div>
    </div>
  </div>
  <div id="container">
    <header id="header" itemscope itemtype="http://schema.org/WPHeader">
      <div class="inner">
        <div id="brand">
          <div class="pjax">
          
            <a href="/" class="logo" rel="start"><p class="artboard">Canary</p>
              <h1 itemprop="name headline" class="title">Canary's Blog</h1>
            </a>
            <p class="meta" itemprop="description">= 我用回忆温暖了想你的每一刻 =</p>
          
          </div>
        </div>
        <nav id="nav">
  <div class="inner">
    <div class="toggle">
      <div class="lines" aria-label="Toggle navigation bar">
        <span class="line"></span>
        <span class="line"></span>
        <span class="line"></span>
      </div>
    </div>
    <ul class="menu">
      <li class="item title"><a href="/" rel="start">Canary</a></li>
    </ul>
    <ul class="right">
      <li class="item theme">
        <i class="ic i-sun"></i>
      </li>
      <li class="item search">
        <i class="ic i-search"></i>
      </li>
    </ul>
  </div>
</nav>

      </div>
      <div id="imgs" class="pjax">
        <ul>
          <li class="item" data-background-image="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/pic6.jpg"></li>
          <li class="item" data-background-image="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/54234-BanG_Dream-HikawaHina-PC-Wallpaper.jpg"></li>
          <li class="item" data-background-image="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/pic7.jpg"></li>
          <li class="item" data-background-image="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/pic5.jpg"></li>
          <li class="item" data-background-image="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/pic2.jpg"></li>
          <li class="item" data-background-image="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/pic4.jpg"></li>
        </ul>
      </div>
    </header>
    <div id="waves">
      <svg class="waves" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" viewBox="0 24 150 28" preserveAspectRatio="none" shape-rendering="auto">
        <defs>
          <path id="gentle-wave" d="M-160 44c30 0 58-18 88-18s 58 18 88 18 58-18 88-18 58 18 88 18 v44h-352z" />
        </defs>
        <g class="parallax">
          <use xlink:href="#gentle-wave" x="48" y="0" />
          <use xlink:href="#gentle-wave" x="48" y="3" />
          <use xlink:href="#gentle-wave" x="48" y="5" />
          <use xlink:href="#gentle-wave" x="48" y="7" />
        </g>
      </svg>
    </div>
    <main>
      <div class="inner">
        <div id="main" class="pjax">
          
  <div class="index wrap">
      <h2 class="divider">Sticky Posts</h2>
      <div class="segments sticky">
          
<article class="item">
  <div class="cover">
    <a href="/%E6%AF%94%E8%B5%9Bmisc/" itemprop="url" title="比赛MISC"><img data-src="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/54305-projectSEKAI-AsahinaMafuyu-PC-Wallpaper.jpg"></a>
  </div>
  <div class="info">
    
<div class="meta">
  <span class="item" title="Created: 2022-09-16 22:18:59">
    <span class="icon">
      <i class="ic i-calendar"></i>
    </span>
    <time itemprop="dateCreated datePublished" datetime="2022-09-16T22:18:59+08:00">2022-09-16</time>
  </span>
  <span class="item" title="Symbols count in article">
    <span class="icon">
      <i class="ic i-pen"></i>
    </span>
    <span>1.3k</span>
    <span class="text">words</span>
  </span>
  <span class="item" title="Reading time">
    <span class="icon">
      <i class="ic i-clock"></i>
    </span>
    <span>1 mins.</span>
  </span>
</div>

    <h3><a href="/%E6%AF%94%E8%B5%9Bmisc/" itemprop="url" title="比赛MISC">比赛MISC</a></h3>
    <div class="excerpt">
        2021/10/21 更新了 MISC3 - 眼神要好使，得到的 flag 中的内容请 md5 后上交 - blasting 的附件
# 祥云杯 2021-MISC - 鸣雏恋
算是学习脚本了吧
遍历目录脚本
files = os.listdir(filePath)#遍历文件夹里的图片 for file in files: # 把文件路径和文件名结合起来 file_d = os.path.join(filePath, file) # 判断该文件是单个文件还是文件夹 if os.path.isdir(file_d): # 如果是文件夹则递归调用 scanDir () 函数...
    </div>
    <div class="meta footer">
      <span>
        <a href="/categories/CTF/" itemprop="url" title="CTF"><i class="ic i-flag"></i>CTF</a>
      </span>
    </div>
    <a href="/%E6%AF%94%E8%B5%9Bmisc/" itemprop="url" title="比赛MISC" class="btn">more...</a>
  </div>
</article>

          
<article class="item">
  <div class="cover">
    <a href="/reverse/" itemprop="url" title="学习Reverse"><img data-src="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/43487-Imouto_sae_Irebaii-PC.jpg"></a>
  </div>
  <div class="info">
    
<div class="meta">
  <span class="item" title="Created: 2022-09-16 22:18:59">
    <span class="icon">
      <i class="ic i-calendar"></i>
    </span>
    <time itemprop="dateCreated datePublished" datetime="2022-09-16T22:18:59+08:00">2022-09-16</time>
  </span>
  <span class="item" title="Symbols count in article">
    <span class="icon">
      <i class="ic i-pen"></i>
    </span>
    <span>841</span>
    <span class="text">words</span>
  </span>
  <span class="item" title="Reading time">
    <span class="icon">
      <i class="ic i-clock"></i>
    </span>
    <span>1 mins.</span>
  </span>
</div>

    <h3><a href="/reverse/" itemprop="url" title="学习Reverse">学习Reverse</a></h3>
    <div class="excerpt">
        2021/10/21 更新了 REVERSE1-schoolboy.apk
# Antidebug
使用 resource hacker 获得输入框的 id：

用 ida 搜索立即数，可以搜索 0x3e8 可以直接搜索 1000：

双击找到调用位置:
发现有 jz 和 jnz 跳转到相同位置，初步怀疑这里有花指令影响了 ida 的正常运行：

key path -&amp;gt; Fill range 全部 pathc 为 nop。注意 00401524 是个多字节指令，先使用快捷键 d 转为数据，将 00401524patch 为 0x90 后，再将后边的使用快捷键 c...
    </div>
    <div class="meta footer">
      <span>
        <a href="/categories/%E8%AE%A1%E7%AE%97%E6%9C%BA%E7%A7%91%E5%AD%A6/CTF/Reverse/" itemprop="url" title="Reverse"><i class="ic i-flag"></i>Reverse</a>
      </span>
    </div>
    <a href="/reverse/" itemprop="url" title="学习Reverse" class="btn">more...</a>
  </div>
</article>

          
<article class="item">
  <div class="cover">
    <a href="/AWD/" itemprop="url" title="AWD脚本和加固命令"><img data-src="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/51944-higehiro-PC-Wallpaper.jpg"></a>
  </div>
  <div class="info">
    
<div class="meta">
  <span class="item" title="Created: 2021-12-20 10:44:24">
    <span class="icon">
      <i class="ic i-calendar"></i>
    </span>
    <time itemprop="dateCreated datePublished" datetime="2021-12-20T10:44:24+08:00">2021-12-20</time>
  </span>
  <span class="item" title="Symbols count in article">
    <span class="icon">
      <i class="ic i-pen"></i>
    </span>
    <span>8.1k</span>
    <span class="text">words</span>
  </span>
  <span class="item" title="Reading time">
    <span class="icon">
      <i class="ic i-clock"></i>
    </span>
    <span>7 mins.</span>
  </span>
</div>

    <h3><a href="/AWD/" itemprop="url" title="AWD脚本和加固命令">AWD脚本和加固命令</a></h3>
    <div class="excerpt">
        给的是 ctf 低权限账号，但是中间件运行的是 www-data 权限，通常比 ctf 权限高，有些马用 ssh 上去删不掉，可以先传个自己的 shell 然后去删，当然得做一个防止被偷家的措施，比如说加一个 if (&#39;xxx&#39;===md5 (key)) 的操作。也可以用 www-data 去对文件和目录做权限的修改等操作。
黑吃黑，直接用别的队伍上传的 shell。
不是特别大型的比赛没有那么多的时间去审漏洞，通常用 nday 直接打，或者内置的 shell 后门。
批量拿 flag 并自动提交平台；自动备份与恢复自己的靶机文件。网上找的确实不会用

# AWD...
    </div>
    <div class="meta footer">
      <span>
        <a href="/categories/computer-science/" itemprop="url" title="computer-science"><i class="ic i-flag"></i>computer-science</a>
      </span>
    </div>
    <a href="/AWD/" itemprop="url" title="AWD脚本和加固命令" class="btn">more...</a>
  </div>
</article>

          
<article class="item">
  <div class="cover">
    <a href="/MiniLCTF_2020%E9%A2%98%E8%A7%A3/" itemprop="url" title="MiniLCTF_2020题解"><img data-src="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/32933-ANNE_HAPPY-PC.jpg"></a>
  </div>
  <div class="info">
    
<div class="meta">
  <span class="item" title="Created: 2021-12-15 15:02:24">
    <span class="icon">
      <i class="ic i-calendar"></i>
    </span>
    <time itemprop="dateCreated datePublished" datetime="2021-12-15T15:02:24+08:00">2021-12-15</time>
  </span>
  <span class="item" title="Symbols count in article">
    <span class="icon">
      <i class="ic i-pen"></i>
    </span>
    <span>5.2k</span>
    <span class="text">words</span>
  </span>
  <span class="item" title="Reading time">
    <span class="icon">
      <i class="ic i-clock"></i>
    </span>
    <span>5 mins.</span>
  </span>
</div>

    <h3><a href="/MiniLCTF_2020%E9%A2%98%E8%A7%A3/" itemprop="url" title="MiniLCTF_2020题解">MiniLCTF_2020题解</a></h3>
    <div class="excerpt">
        平台上只有 web 的题目，只写了 web。比赛的时候应该还有其他的。
西电的信息安全协会里有题目，什么时候复现一下
# Web
# id_wife
好像根据 BUUCTF 的那个随便注改的吧？之前我也写过那个题的 wp. 但最开始没想到堆叠注入，试了挺多方法写脚本跑一下库名表名，最后得到了库名 miniL，没跑出来表名，这个就是用二分法不断的尝试
id=1&#39;) or (ascii(substr(database(),1,1)))&amp;lt;150#

后来想起来应该是堆叠注入，得到了俩表 user 和 1145141919810，查看下内容
id=1&#39;) or...
    </div>
    <div class="meta footer">
      <span>
        <a href="/categories/computer-science/" itemprop="url" title="computer-science"><i class="ic i-flag"></i>computer-science</a>
      </span>
    </div>
    <a href="/MiniLCTF_2020%E9%A2%98%E8%A7%A3/" itemprop="url" title="MiniLCTF_2020题解" class="btn">more...</a>
  </div>
</article>

          
<article class="item">
  <div class="cover">
    <a href="/moeCTF_2021%E9%A2%98%E8%A7%A3/" itemprop="url" title="MoeCTF_2021题解"><img data-src="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/pic6.jpg"></a>
  </div>
  <div class="info">
    
<div class="meta">
  <span class="item" title="Created: 2021-12-15 13:19:59">
    <span class="icon">
      <i class="ic i-calendar"></i>
    </span>
    <time itemprop="dateCreated datePublished" datetime="2021-12-15T13:19:59+08:00">2021-12-15</time>
  </span>
  <span class="item" title="Symbols count in article">
    <span class="icon">
      <i class="ic i-pen"></i>
    </span>
    <span>34k</span>
    <span class="text">words</span>
  </span>
  <span class="item" title="Reading time">
    <span class="icon">
      <i class="ic i-clock"></i>
    </span>
    <span>31 mins.</span>
  </span>
</div>

    <h3><a href="/moeCTF_2021%E9%A2%98%E8%A7%A3/" itemprop="url" title="MoeCTF_2021题解">MoeCTF_2021题解</a></h3>
    <div class="excerpt">
        # Crypto
# beginOfCrypto

看一下代码～
ord 是把 flag 的每一个字符转成数字，map 则是一个用来迭代的函数，也就是对 flag 里的每一个字符 ord，list 转成列表之后存进 data 列表里。之后的 for 循环把 data 列表里的数字取 e 的指数，并把结果存在 cip 列表里。
知道加密过程之后就很简单了～我们只需要把 cip 取 e 的对数，然后转成字符输出就可以了～第一题真是很温柔呢

nimport mathcip=[2.178203880729008e+47, 1.6094870669615087e+48,...
    </div>
    <div class="meta footer">
      <span>
        <a href="/categories/computer-science/" itemprop="url" title="computer-science"><i class="ic i-flag"></i>computer-science</a>
      </span>
    </div>
    <a href="/moeCTF_2021%E9%A2%98%E8%A7%A3/" itemprop="url" title="MoeCTF_2021题解" class="btn">more...</a>
  </div>
</article>

          
<article class="item">
  <div class="cover">
    <a href="/MiniLCTF_2021%E9%A2%98%E8%A7%A3/" itemprop="url" title="MiniLCTF_2021题解"><img data-src="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/pic1.jpg"></a>
  </div>
  <div class="info">
    
<div class="meta">
  <span class="item" title="Created: 2021-12-14 11:44:10">
    <span class="icon">
      <i class="ic i-calendar"></i>
    </span>
    <time itemprop="dateCreated datePublished" datetime="2021-12-14T11:44:10+08:00">2021-12-14</time>
  </span>
  <span class="item" title="Symbols count in article">
    <span class="icon">
      <i class="ic i-pen"></i>
    </span>
    <span>17k</span>
    <span class="text">words</span>
  </span>
  <span class="item" title="Reading time">
    <span class="icon">
      <i class="ic i-clock"></i>
    </span>
    <span>16 mins.</span>
  </span>
</div>

    <h3><a href="/MiniLCTF_2021%E9%A2%98%E8%A7%A3/" itemprop="url" title="MiniLCTF_2021题解">MiniLCTF_2021题解</a></h3>
    <div class="excerpt">
        # MISC

# 好白给的签到题

压缩包里的文件有点大。。。50MB。。
有提示：贝斯小学 (base)，50 ，路易。六十四 (想到 base64)，兔子 (斐波那契)，反着跳 (python 逆过来)，八年。
经过无数 base64 和反向 base64。
然后打开 story.txt 看下是 base64 写脚本解
import base64p=open(&#39;story.txt&#39;)c=p.read().strip()s=c&#39;&#39;&#39;while 1: try: s=base64.b64decode(s) print(s) except: try:...
    </div>
    <div class="meta footer">
      <span>
        <a href="/categories/computer-science/" itemprop="url" title="computer-science"><i class="ic i-flag"></i>computer-science</a>
      </span>
    </div>
    <a href="/MiniLCTF_2021%E9%A2%98%E8%A7%A3/" itemprop="url" title="MiniLCTF_2021题解" class="btn">more...</a>
  </div>
</article>

          
<article class="item">
  <div class="cover">
    <a href="/computer-science/Reverse/reverse2/" itemprop="url" title="学习Reverse2"><img data-src="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/20833_kin-iro_mosaic.jpg"></a>
  </div>
  <div class="info">
    
<div class="meta">
  <span class="item" title="Created: 2021-12-13 17:25:15">
    <span class="icon">
      <i class="ic i-calendar"></i>
    </span>
    <time itemprop="dateCreated datePublished" datetime="2021-12-13T17:25:15+08:00">2021-12-13</time>
  </span>
  <span class="item" title="Symbols count in article">
    <span class="icon">
      <i class="ic i-pen"></i>
    </span>
    <span>179</span>
    <span class="text">words</span>
  </span>
  <span class="item" title="Reading time">
    <span class="icon">
      <i class="ic i-clock"></i>
    </span>
    <span>1 mins.</span>
  </span>
</div>

    <h3><a href="/computer-science/Reverse/reverse2/" itemprop="url" title="学习Reverse2">学习Reverse2</a></h3>
    <div class="excerpt">
        # 最近要比赛 reverse，积累一些逆向代码
# xctf: Reversing-x64Elf-100

进入 sub_4006FD 函数

逆向脚本：
a = [&#39;Dufhbmf&#39;,&#39;pG`imos&#39;,&#39;ewUglpt&#39;]flag = &#39;&#39;for i in range(12): flag = flag + chr( ord( a[i%3][2* int(i/3)] ) -1 )print(flag)# xctf
    </div>
    <div class="meta footer">
      <span>
        <a href="/categories/computer-science/Reverse/" itemprop="url" title="Reverse"><i class="ic i-flag"></i>Reverse</a>
      </span>
    </div>
    <a href="/computer-science/Reverse/reverse2/" itemprop="url" title="学习Reverse2" class="btn">more...</a>
  </div>
</article>

          
<article class="item">
  <div class="cover">
    <a href="/computer-science/Reverse/reverse/" itemprop="url" title="学习Reverse"><img data-src="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/43487-Imouto_sae_Irebaii-PC.jpg"></a>
  </div>
  <div class="info">
    
<div class="meta">
  <span class="item" title="Created: 2021-12-06 15:04:56">
    <span class="icon">
      <i class="ic i-calendar"></i>
    </span>
    <time itemprop="dateCreated datePublished" datetime="2021-12-06T15:04:56+08:00">2021-12-06</time>
  </span>
  <span class="item" title="Symbols count in article">
    <span class="icon">
      <i class="ic i-pen"></i>
    </span>
    <span>841</span>
    <span class="text">words</span>
  </span>
  <span class="item" title="Reading time">
    <span class="icon">
      <i class="ic i-clock"></i>
    </span>
    <span>1 mins.</span>
  </span>
</div>

    <h3><a href="/computer-science/Reverse/reverse/" itemprop="url" title="学习Reverse">学习Reverse</a></h3>
    <div class="excerpt">
        2021/10/21 更新了 REVERSE1-schoolboy.apk
# Antidebug
使用 resource hacker 获得输入框的 id：

用 ida 搜索立即数，可以搜索 0x3e8 可以直接搜索 1000：

双击找到调用位置:
发现有 jz 和 jnz 跳转到相同位置，初步怀疑这里有花指令影响了 ida 的正常运行：

key path -&amp;gt; Fill range 全部 pathc 为 nop。注意 00401524 是个多字节指令，先使用快捷键 d 转为数据，将 00401524patch 为 0x90 后，再将后边的使用快捷键 c...
    </div>
    <div class="meta footer">
      <span>
        <a href="/categories/computer-science/Reverse/" itemprop="url" title="Reverse"><i class="ic i-flag"></i>Reverse</a>
      </span>
    </div>
    <a href="/computer-science/Reverse/reverse/" itemprop="url" title="学习Reverse" class="btn">more...</a>
  </div>
</article>

          
<article class="item">
  <div class="cover">
    <a href="/English/" itemprop="url" title="Learn English"><img data-src="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/54309-projectSEKAI-HatsuneMiku-PC-Wallpaper.jpg"></a>
  </div>
  <div class="info">
    
<div class="meta">
  <span class="item" title="Created: 2021-12-03 20:13:44">
    <span class="icon">
      <i class="ic i-calendar"></i>
    </span>
    <time itemprop="dateCreated datePublished" datetime="2021-12-03T20:13:44+08:00">2021-12-03</time>
  </span>
  <span class="item" title="Symbols count in article">
    <span class="icon">
      <i class="ic i-pen"></i>
    </span>
    <span>1.5k</span>
    <span class="text">words</span>
  </span>
  <span class="item" title="Reading time">
    <span class="icon">
      <i class="ic i-clock"></i>
    </span>
    <span>1 mins.</span>
  </span>
</div>

    <h3><a href="/English/" itemprop="url" title="Learn English">Learn English</a></h3>
    <div class="excerpt">
        Study English ，Test IELTS!!!!!
# Study English ，Test IELTS!!!!!
# Now , I will use a language which is English to write .
Accmulating some words

On a simplistic level, there are larger numbers of means of transportation
- there are more cars, buses and trains in operation. However, the
sheer number...
    </div>
    <div class="meta footer">
      <span>
        <a href="/categories/English/" itemprop="url" title="English"><i class="ic i-flag"></i>English</a>
      </span>
    </div>
    <a href="/English/" itemprop="url" title="Learn English" class="btn">more...</a>
  </div>
</article>

          
<article class="item">
  <div class="cover">
    <a href="/hexo/" itemprop="url" title="hexo搭建的一些问题"><img data-src="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/51227-projectSEKAI-KiritaniHaruka-PC-Wallpaper.jpg"></a>
  </div>
  <div class="info">
    
<div class="meta">
  <span class="item" title="Created: 2021-12-03 19:53:01">
    <span class="icon">
      <i class="ic i-calendar"></i>
    </span>
    <time itemprop="dateCreated datePublished" datetime="2021-12-03T19:53:01+08:00">2021-12-03</time>
  </span>
  <span class="item" title="Symbols count in article">
    <span class="icon">
      <i class="ic i-pen"></i>
    </span>
    <span>2.9k</span>
    <span class="text">words</span>
  </span>
  <span class="item" title="Reading time">
    <span class="icon">
      <i class="ic i-clock"></i>
    </span>
    <span>3 mins.</span>
  </span>
</div>

    <h3><a href="/hexo/" itemprop="url" title="hexo搭建的一些问题">hexo搭建的一些问题</a></h3>
    <div class="excerpt">
        # 最近在学 blog 知识，遇到无数问题，小白的我又不会开发 HTML+CSS, 在这里遇到的一些问题，以及开发者没有提及到的。
# 关于本地头像 hexo clean 容易被清除的问题
github 上的拷贝的默认是本地的存储路径，每次更新 hexo clean，public 里面的文件都会被清除，导致每次更新 blog 很繁琐，毕竟有很多图片。
# 我们可以用 cdn 加速图片的方式部署
你的主题目录下的_config.yml
#Assetsstatics: /css: cssjs: jsimages: images默认 images 会把下面的 avatar 后面的路径套上...
    </div>
    <div class="meta footer">
      <span>
        <a href="/categories/%E8%AE%A1%E7%AE%97%E6%9C%BA%E7%A7%91%E5%AD%A6/CTF/Reverse/" itemprop="url" title="Reverse"><i class="ic i-flag"></i>Reverse</a>
      </span>
    </div>
    <a href="/hexo/" itemprop="url" title="hexo搭建的一些问题" class="btn">more...</a>
  </div>
</article>

          
<article class="item">
  <div class="cover">
    <a href="/computer-science/note/theme-shoka-doc/" itemprop="url" title="Hexo主题Shoka &amp; multi-markdown-it渲染器使用说明"><img data-src="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/pic5.jpg"></a>
  </div>
  <div class="info">
    
<div class="meta">
  <span class="item" title="Created: 2020-08-13 20:45:48">
    <span class="icon">
      <i class="ic i-calendar"></i>
    </span>
    <time itemprop="dateCreated datePublished" datetime="2020-08-13T20:45:48+08:00">2020-08-13</time>
  </span>
  <span class="item" title="Symbols count in article">
    <span class="icon">
      <i class="ic i-pen"></i>
    </span>
    <span>2.2k</span>
    <span class="text">words</span>
  </span>
  <span class="item" title="Reading time">
    <span class="icon">
      <i class="ic i-clock"></i>
    </span>
    <span>2 mins.</span>
  </span>
</div>

    <h3><a href="/computer-science/note/theme-shoka-doc/" itemprop="url" title="Hexo主题Shoka &amp; multi-markdown-it渲染器使用说明">Hexo主题Shoka & multi-markdown-it渲染器使用说明</a></h3>
    <div class="excerpt">
        跳票 N 久终于更新的简单的使用说明

hexo-theme-shoka ：本博客自用的主题
hexo-renderer-multi-markdown-it：配套的 markdown 渲染器

已经支持 hexo 5。

因博主被学业和工作掏空，本项目已停滞更新大半年，问题也无法及时回复大家，这个悲惨状态可能还要持续半年的样子。
有很多热心小伙伴在评论区或者项目 issue 帮忙回答问题，非常非常感谢！
本项目是完全开源的，也有做一些 example...
    </div>
    <div class="meta footer">
      <span>
        <a href="/categories/%E8%AE%A1%E7%AE%97%E6%9C%BA%E7%A7%91%E5%AD%A6/%E4%BA%8C%E8%BF%9B%E5%88%B6%E6%9D%82%E8%B0%88/Theme-Shoka-Documentation/" itemprop="url" title="Theme Shoka Documentation"><i class="ic i-flag"></i>Theme Shoka Documentation</a>
      </span>
    </div>
    <a href="/computer-science/note/theme-shoka-doc/" itemprop="url" title="Hexo主题Shoka &amp; multi-markdown-it渲染器使用说明" class="btn">more...</a>
  </div>
</article>

      </div>
      <h2 class="divider">Categories</h2>
      <div class="cards">
          
<section class="item">
  <div class="cover" data-background-image="/computer-science/Crypto/cover.jpg">
    <h2 class="title">Crypto</h2>
    <span>computer-science</span>
  </div>
  <div class="info">
    <div class="ribbon"><a href="/categories/computer-science/Crypto/" itemprop="url" title="Crypto">Crypto</a></div>
    <div class="inner">
        <ul class="posts">
            <li><a title="Crypto" href="/computer-science/Crypto/Crypto/">Crypto</a></li>
        </ul>
        <div class="meta footer">
          <span>
            <a href="/categories/computer-science/" itemprop="url" title="computer-science"><i class="ic i-flag"></i>computer-science</a>
          </span>
          <span>
            <i class="ic i-file"></i>1 posts in total
          </span>
        </div>
        <a href="/categories/computer-science/Crypto/" itemprop="url" title="Crypto" class="btn">more...</a>
    </div>
  </div>
</section>

          
<section class="item">
  <div class="cover" data-background-image="/computer-science/Misc/cover.jpg">
    <h2 class="title">Misc</h2>
    <span>computer-science</span>
  </div>
  <div class="info">
    <div class="ribbon"><a href="/categories/computer-science/Misc/" itemprop="url" title="Misc">Misc</a></div>
    <div class="inner">
        <ul class="posts">
            <li><a title="bugku-MISC" href="/computer-science/Misc/BUGKUmisc/">bugku-MISC</a></li>
            <li><a title="比赛MISC" href="/computer-science/Misc/%E6%AF%94%E8%B5%9Bmisc/">比赛MISC</a></li>
        </ul>
        <div class="meta footer">
          <span>
            <a href="/categories/computer-science/" itemprop="url" title="computer-science"><i class="ic i-flag"></i>computer-science</a>
          </span>
          <span>
            <i class="ic i-file"></i>2 posts in total
          </span>
        </div>
        <a href="/categories/computer-science/Misc/" itemprop="url" title="Misc" class="btn">more...</a>
    </div>
  </div>
</section>

          
<section class="item">
  <div class="cover" data-background-image="/computer-science/Pwn/cover.jpg">
    <h2 class="title">Pwn</h2>
    <span>computer-science</span>
  </div>
  <div class="info">
    <div class="ribbon"><a href="/categories/computer-science/Pwn/" itemprop="url" title="Pwn">Pwn</a></div>
    <div class="inner">
        <ul class="posts">
            <li><a title="pwn3" href="/computer-science/Pwn/pwn3/">pwn3</a></li>
            <li><a title="pwn4-stack pivoting" href="/computer-science/Pwn/pwn4/">pwn4-stack pivoting</a></li>
            <li><a title="pwn学习(1)" href="/computer-science/Pwn/pwn/">pwn学习(1)</a></li>
            <li><a title="pwn学习(2)" href="/computer-science/Pwn/pwn2/">pwn学习(2)</a></li>
        </ul>
        <div class="meta footer">
          <span>
            <a href="/categories/computer-science/" itemprop="url" title="computer-science"><i class="ic i-flag"></i>computer-science</a>
          </span>
          <span>
            <i class="ic i-file"></i>4 posts in total
          </span>
        </div>
        <a href="/categories/computer-science/Pwn/" itemprop="url" title="Pwn" class="btn">more...</a>
    </div>
  </div>
</section>

          
<section class="item">
  <div class="cover" data-background-image="/computer-science/Reverse/cover.jpg">
    <h2 class="title">Reverse</h2>
    <span>computer-science</span>
  </div>
  <div class="info">
    <div class="ribbon"><a href="/categories/computer-science/Reverse/" itemprop="url" title="Reverse">Reverse</a></div>
    <div class="inner">
        <ul class="posts">
            <li><a title="学习Reverse" href="/computer-science/Reverse/reverse/">学习Reverse</a></li>
            <li><a title="学习Reverse2" href="/computer-science/Reverse/reverse2/">学习Reverse2</a></li>
        </ul>
        <div class="meta footer">
          <span>
            <a href="/categories/computer-science/" itemprop="url" title="computer-science"><i class="ic i-flag"></i>computer-science</a>
          </span>
          <span>
            <i class="ic i-file"></i>2 posts in total
          </span>
        </div>
        <a href="/categories/computer-science/Reverse/" itemprop="url" title="Reverse" class="btn">more...</a>
    </div>
  </div>
</section>

          
<section class="item">
  <div class="cover" data-background-image="/computer-science/Web/cover.jpg">
    <h2 class="title">Web</h2>
    <span>computer-science</span>
  </div>
  <div class="info">
    <div class="ribbon"><a href="/categories/computer-science/Web/" itemprop="url" title="Web">Web</a></div>
    <div class="inner">
        <ul class="posts">
            <li><a title="web学习" href="/computer-science/Web/Web/">web学习</a></li>
        </ul>
        <div class="meta footer">
          <span>
            <a href="/categories/computer-science/" itemprop="url" title="computer-science"><i class="ic i-flag"></i>computer-science</a>
          </span>
          <span>
            <i class="ic i-file"></i>1 posts in total
          </span>
        </div>
        <a href="/categories/computer-science/Web/" itemprop="url" title="Web" class="btn">more...</a>
    </div>
  </div>
</section>

          
<section class="item">
  <div class="cover" data-background-image="/psychology/ana/cover.jpg">
    <h2 class="title">ana</h2>
    <span>psychology</span>
  </div>
  <div class="info">
    <div class="ribbon"><a href="/categories/psychology/ana/" itemprop="url" title="ana">ana</a></div>
    <div class="inner">
        <ul class="posts">
            <li><a title="chology" href="/psychology/ana/research/">chology</a></li>
        </ul>
        <div class="meta footer">
          <span>
            <a href="/categories/psychology/" itemprop="url" title="psychology"><i class="ic i-flag"></i>psychology</a>
          </span>
          <span>
            <i class="ic i-file"></i>1 posts in total
          </span>
        </div>
        <a href="/categories/psychology/ana/" itemprop="url" title="ana" class="btn">more...</a>
    </div>
  </div>
</section>

      </div>
    <h2 class="divider">Post List</h2>
    <div class="segments posts">
        
<article class="item">
  <div class="cover">
    <a href="/web/" itemprop="url" title="比赛Web题"><img data-src="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/44760-imas-cinderella-MorikuboNono-PC.jpg"></a>
  </div>
  <div class="info">
    
<div class="meta">
  <span class="item" title="Created: 2022-09-16 22:18:59">
    <span class="icon">
      <i class="ic i-calendar"></i>
    </span>
    <time itemprop="dateCreated datePublished" datetime="2022-09-16T22:18:59+08:00">2022-09-16</time>
  </span>
  <span class="item" title="Symbols count in article">
    <span class="icon">
      <i class="ic i-pen"></i>
    </span>
    <span>2.9k</span>
    <span class="text">words</span>
  </span>
  <span class="item" title="Reading time">
    <span class="icon">
      <i class="ic i-clock"></i>
    </span>
    <span>3 mins.</span>
  </span>
</div>

    <h3><a href="/web/" itemprop="url" title="比赛Web题">比赛Web题</a></h3>
    <div class="excerpt">
        # 领航杯 2021 Web
# Login
左下角发现登录，bp 抓包发现查询语句：
select email,password from users where email = (&#39;&#39;) and password =&#39;&#39;经过 fuzz 发现传 % 会出问题，很明显的 sprintf 的 SQL 注入漏洞。直接写个脚本跑一下就可以了：
import requestsdef strtohex(s): ss = &quot;0x&quot; for i in s: ss +=...
    </div>
    <a href="/web/" itemprop="url" title="比赛Web题" class="btn">more...</a>
  </div>
</article>

        
<article class="item">
  <div class="cover">
    <a href="/pwn2/" itemprop="url" title="pwn学习(2)"><img data-src="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/pic4.jpg"></a>
  </div>
  <div class="info">
    
<div class="meta">
  <span class="item" title="Created: 2022-09-16 22:18:59">
    <span class="icon">
      <i class="ic i-calendar"></i>
    </span>
    <time itemprop="dateCreated datePublished" datetime="2022-09-16T22:18:59+08:00">2022-09-16</time>
  </span>
  <span class="item" title="Symbols count in article">
    <span class="icon">
      <i class="ic i-pen"></i>
    </span>
    <span>3.7k</span>
    <span class="text">words</span>
  </span>
  <span class="item" title="Reading time">
    <span class="icon">
      <i class="ic i-clock"></i>
    </span>
    <span>3 mins.</span>
  </span>
</div>

    <h3><a href="/pwn2/" itemprop="url" title="pwn学习(2)">pwn学习(2)</a></h3>
    <div class="excerpt">
        # 记录两个堆的比赛题
比较穷网盘没有会员附件私聊我
# pwn1

堆溢出
感觉比较基础
堆溢出改大小制造重叠堆块
from pwn import *#io=process(&#39;./pwn1&#39;)io=remote(&#39;119.61.19.212&#39;,57511)elf=ELF(&#39;./pwn1&#39;)libc=ELF(&#39;./libc-2.31.so&#39;)#libc=elf.libccontext.log_level=&#39;debug&#39;def add(context):	io.sendlineafter(&#39;&gt;&gt;...
    </div>
    <a href="/pwn2/" itemprop="url" title="pwn学习(2)" class="btn">more...</a>
  </div>
</article>

        
<article class="item">
  <div class="cover">
    <a href="/pwn/" itemprop="url" title="pwn学习(1)"><img data-src="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/Anihonetwallpaper18382.jpg"></a>
  </div>
  <div class="info">
    
<div class="meta">
  <span class="item" title="Created: 2022-09-16 22:18:59">
    <span class="icon">
      <i class="ic i-calendar"></i>
    </span>
    <time itemprop="dateCreated datePublished" datetime="2022-09-16T22:18:59+08:00">2022-09-16</time>
  </span>
  <span class="item" title="Symbols count in article">
    <span class="icon">
      <i class="ic i-pen"></i>
    </span>
    <span>1.3k</span>
    <span class="text">words</span>
  </span>
  <span class="item" title="Reading time">
    <span class="icon">
      <i class="ic i-clock"></i>
    </span>
    <span>1 mins.</span>
  </span>
</div>

    <h3><a href="/pwn/" itemprop="url" title="pwn学习(1)">pwn学习(1)</a></h3>
    <div class="excerpt">
        # pwn 学习 1
一张汇编图片

栈帧结构
# Fig 1. 函数调用发生和结束时调用栈的变化
esp 用来存储函数调用栈的栈顶地址，在压栈和退栈时发生变化。ebp 用来存储当前函数状态的基地址，在函数运行时不变，可以用来索引确定函数参数或局部变量的位置。eip 用来存储即将执行的程序指令的地址，cpu 依照 eip 的存储内容读取指令并执行，eip 随之指向相邻的下一条指令，如此反复，程序就得以连续执行指令。
下面让我们来看看发生函数调用时，栈顶函数状态以及上述寄存器的变化。变化的核心任务是将调用函数（caller）的状态保存起来，同时创建被调用函数（callee）的状态

# Fig...
    </div>
    <a href="/pwn/" itemprop="url" title="pwn学习(1)" class="btn">more...</a>
  </div>
</article>

        
<article class="item">
  <div class="cover">
    <a href="/crypto/" itemprop="url" title="crypto"><img data-src="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/54167-BanG_Dream-MinatoYukina-PC-Wallpaper.jpg"></a>
  </div>
  <div class="info">
    
<div class="meta">
  <span class="item" title="Created: 2022-09-16 22:18:59">
    <span class="icon">
      <i class="ic i-calendar"></i>
    </span>
    <time itemprop="dateCreated datePublished" datetime="2022-09-16T22:18:59+08:00">2022-09-16</time>
  </span>
  <span class="item" title="Symbols count in article">
    <span class="icon">
      <i class="ic i-pen"></i>
    </span>
    <span>12k</span>
    <span class="text">words</span>
  </span>
  <span class="item" title="Reading time">
    <span class="icon">
      <i class="ic i-clock"></i>
    </span>
    <span>11 mins.</span>
  </span>
</div>

    <h3><a href="/crypto/" itemprop="url" title="crypto">crypto</a></h3>
    <div class="excerpt">
        2021/10/21 更新了高位截肢
# 高新区比赛
V^3
好像是一个 2017 年的题改的
cnhongke {bf7e02677b4faab7808d1580fd5bb}
也可以手动爆破
就是按照对应关系
然后逐位加密
你会发现到第六个就开始变成对称了
所以手动跑 5 次就出结果了
exp 都多余了
附上 exp:
s = &quot;ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz_&amp;#123;&amp;#125;&quot;def _l(idx, s): return s[idx:] +...
    </div>
    <a href="/crypto/" itemprop="url" title="crypto" class="btn">more...</a>
  </div>
</article>

        
<article class="item">
  <div class="cover">
    <a href="/BUGKUmisc/" itemprop="url" title="bugku-MISC"><img data-src="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/54305-projectSEKAI-AsahinaMafuyu-PC-Wallpaper.jpg"></a>
  </div>
  <div class="info">
    
<div class="meta">
  <span class="item" title="Created: 2022-09-16 22:18:59">
    <span class="icon">
      <i class="ic i-calendar"></i>
    </span>
    <time itemprop="dateCreated datePublished" datetime="2022-09-16T22:18:59+08:00">2022-09-16</time>
  </span>
  <span class="item" title="Symbols count in article">
    <span class="icon">
      <i class="ic i-pen"></i>
    </span>
    <span>399</span>
    <span class="text">words</span>
  </span>
  <span class="item" title="Reading time">
    <span class="icon">
      <i class="ic i-clock"></i>
    </span>
    <span>1 mins.</span>
  </span>
</div>

    <h3><a href="/BUGKUmisc/" itemprop="url" title="bugku-MISC">bugku-MISC</a></h3>
    <div class="excerpt">
        # where_is_flag
下载附件得到 10 个 txt 文件，用 010 打开发现里面全是 00 截断符号

看字节大小，用 py 脚本把每个文件的字节长度跑出来
for n in range(1,11): name = str(n)+&#39;.txt&#39; with open(name) as f: print(len(f.read()),end=&quot;&quot;)
跑出来的字节长度应该是十进制的 ascii 码，尝试对它进行分割，然后跑出来得到 bugku
for n in range(1,11): name = str(n)+&#39;.txt&#39; with...
    </div>
    <a href="/BUGKUmisc/" itemprop="url" title="bugku-MISC" class="btn">more...</a>
  </div>
</article>

        
<article class="item">
  <div class="cover">
    <a href="/computer-science/Pwn/pwn4/" itemprop="url" title="pwn4-stack pivoting"><img data-src="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/46256-imoimo-PC-Wallpaper.jpg"></a>
  </div>
  <div class="info">
    
<div class="meta">
  <span class="item" title="Created: 2021-12-10 09:53:16">
    <span class="icon">
      <i class="ic i-calendar"></i>
    </span>
    <time itemprop="dateCreated datePublished" datetime="2021-12-10T09:53:16+08:00">2021-12-10</time>
  </span>
  <span class="item" title="Symbols count in article">
    <span class="icon">
      <i class="ic i-pen"></i>
    </span>
    <span>379</span>
    <span class="text">words</span>
  </span>
  <span class="item" title="Reading time">
    <span class="icon">
      <i class="ic i-clock"></i>
    </span>
    <span>1 mins.</span>
  </span>
</div>

    <h3><a href="/computer-science/Pwn/pwn4/" itemprop="url" title="pwn4-stack pivoting">pwn4-stack pivoting</a></h3>
    <div class="excerpt">
        # 0x01 stack pivoting
栈迁移就是因为可写空间太小不够 rop，就把栈迁移到别的地方去构造 payload。
而栈迁移最重要的是两个汇编命令，在程序调用完成 call 返回的时候。
leave； ret;
leave 相对于是 mov esp，ebp；pop ebp；把 bp 的值给 sp，弹出 bp;
ret 是 pop eip;
# 0x02 Principle
先从 32 位来理解栈迁移的利用原理。
stack pivoting，正如它所描述的，该技巧就是劫持栈指针指向攻击者所能控制的内存处，然后再在相应的位置进行 ROP。一般来说，我们可能在以下情况需要使用...
    </div>
    <div class="meta footer">
      <span>
        <a href="/categories/computer-science/Pwn/" itemprop="url" title="Pwn"><i class="ic i-flag"></i>Pwn</a>
      </span>
    </div>
    <a href="/computer-science/Pwn/pwn4/" itemprop="url" title="pwn4-stack pivoting" class="btn">more...</a>
  </div>
</article>

        
<article class="item">
  <div class="cover">
    <a href="/computer-science/Pwn/pwn3/" itemprop="url" title="pwn3"><img data-src="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/51227-projectSEKAI-KiritaniHaruka-PC-Wallpaper.jpg"></a>
  </div>
  <div class="info">
    
<div class="meta">
  <span class="item" title="Created: 2021-12-09 16:52:14">
    <span class="icon">
      <i class="ic i-calendar"></i>
    </span>
    <time itemprop="dateCreated datePublished" datetime="2021-12-09T16:52:14+08:00">2021-12-09</time>
  </span>
  <span class="item" title="Symbols count in article">
    <span class="icon">
      <i class="ic i-pen"></i>
    </span>
    <span>1.1k</span>
    <span class="text">words</span>
  </span>
  <span class="item" title="Reading time">
    <span class="icon">
      <i class="ic i-clock"></i>
    </span>
    <span>1 mins.</span>
  </span>
</div>

    <h3><a href="/computer-science/Pwn/pwn3/" itemprop="url" title="pwn3">pwn3</a></h3>
    <div class="excerpt">
        # Base_PWN
一般入门 PWN 会一点 c，常见的 register 了解下，然后刷题就会有很大的提升，能解决一些基础的 pwn 题，想继续学下去的话，基础的优势就会显现出来。不然就会很难理解一些底层的东西，思路迷糊，无从下手。
HITCON 的 PWN 的实验题目，很适合搭建，复现，讲解。

+------------------------+ Oxffffffff
| kernel space | # 内核空间
+------------------------+ 0xC0000000
| stack |
+------------------------+
| |
|...
    </div>
    <div class="meta footer">
      <span>
        <a href="/categories/computer-science/Pwn/" itemprop="url" title="Pwn"><i class="ic i-flag"></i>Pwn</a>
      </span>
    </div>
    <a href="/computer-science/Pwn/pwn3/" itemprop="url" title="pwn3" class="btn">more...</a>
  </div>
</article>

        
<article class="item">
  <div class="cover">
    <a href="/psychology/ana/research/" itemprop="url" title="chology"><img data-src="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/44760-imas-cinderella-MorikuboNono-PC.jpg"></a>
  </div>
  <div class="info">
    
<div class="meta">
  <span class="item" title="Created: 2021-12-06 16:52:43">
    <span class="icon">
      <i class="ic i-calendar"></i>
    </span>
    <time itemprop="dateCreated datePublished" datetime="2021-12-06T16:52:43+08:00">2021-12-06</time>
  </span>
  <span class="item" title="Symbols count in article">
    <span class="icon">
      <i class="ic i-pen"></i>
    </span>
    <span>747</span>
    <span class="text">words</span>
  </span>
  <span class="item" title="Reading time">
    <span class="icon">
      <i class="ic i-clock"></i>
    </span>
    <span>1 mins.</span>
  </span>
</div>

    <h3><a href="/psychology/ana/research/" itemprop="url" title="chology">chology</a></h3>
    <div class="excerpt">
        # Psychoanalytic Theory
Psychoanalytic theory was founded by Austrian psychiatrist Freud at the end of the 19th century and the beginning of the 20th century. Psychoanalytic theory is the cornerstone of modern psychology. Its influence is far from limited to the field of clinical psychology. It has...
    </div>
    <div class="meta footer">
      <span>
        <a href="/categories/psychology/ana/" itemprop="url" title="ana"><i class="ic i-flag"></i>ana</a>
      </span>
    </div>
    <a href="/psychology/ana/research/" itemprop="url" title="chology" class="btn">more...</a>
  </div>
</article>

        
<article class="item">
  <div class="cover">
    <a href="/computer-science/Crypto/Crypto/" itemprop="url" title="Crypto"><img data-src="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/50382-IDOLY_PRIDE-PC-Wallpaper.jpg"></a>
  </div>
  <div class="info">
    
<div class="meta">
  <span class="item" title="Created: 2021-12-06 15:09:31">
    <span class="icon">
      <i class="ic i-calendar"></i>
    </span>
    <time itemprop="dateCreated datePublished" datetime="2021-12-06T15:09:31+08:00">2021-12-06</time>
  </span>
  <span class="item" title="Symbols count in article">
    <span class="icon">
      <i class="ic i-pen"></i>
    </span>
    <span>12k</span>
    <span class="text">words</span>
  </span>
  <span class="item" title="Reading time">
    <span class="icon">
      <i class="ic i-clock"></i>
    </span>
    <span>11 mins.</span>
  </span>
</div>

    <h3><a href="/computer-science/Crypto/Crypto/" itemprop="url" title="Crypto">Crypto</a></h3>
    <div class="excerpt">
        2021/10/21 更新了高位截肢
# 高新区比赛
V^3
好像是一个 2017 年的题改的
cnhongke {bf7e02677b4faab7808d1580fd5bb}
也可以手动爆破
就是按照对应关系
然后逐位加密
你会发现到第六个就开始变成对称了
所以手动跑 5 次就出结果了
exp 都多余了
附上 exp:
s = &quot;ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz_&amp;#123;&amp;#125;&quot;def _l(idx, s): return s[idx:] +...
    </div>
    <div class="meta footer">
      <span>
        <a href="/categories/computer-science/Crypto/" itemprop="url" title="Crypto"><i class="ic i-flag"></i>Crypto</a>
      </span>
    </div>
    <a href="/computer-science/Crypto/Crypto/" itemprop="url" title="Crypto" class="btn">more...</a>
  </div>
</article>

        
<article class="item">
  <div class="cover">
    <a href="/computer-science/Web/Web/" itemprop="url" title="web学习"><img data-src="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/54302-projectSEKAI-YoisakiKanade-PC-Wallpaper.jpg"></a>
  </div>
  <div class="info">
    
<div class="meta">
  <span class="item" title="Created: 2021-12-06 15:07:04">
    <span class="icon">
      <i class="ic i-calendar"></i>
    </span>
    <time itemprop="dateCreated datePublished" datetime="2021-12-06T15:07:04+08:00">2021-12-06</time>
  </span>
  <span class="item" title="Symbols count in article">
    <span class="icon">
      <i class="ic i-pen"></i>
    </span>
    <span>4</span>
    <span class="text">words</span>
  </span>
  <span class="item" title="Reading time">
    <span class="icon">
      <i class="ic i-clock"></i>
    </span>
    <span>1 mins.</span>
  </span>
</div>

    <h3><a href="/computer-science/Web/Web/" itemprop="url" title="web学习">web学习</a></h3>
    <div class="excerpt">
        # web
    </div>
    <div class="meta footer">
      <span>
        <a href="/categories/computer-science/Web/" itemprop="url" title="Web"><i class="ic i-flag"></i>Web</a>
      </span>
    </div>
    <a href="/computer-science/Web/Web/" itemprop="url" title="web学习" class="btn">more...</a>
  </div>
</article>

    </div>

  </div>

  
  <nav class="pagination">
    <div class="inner">
    <span class="page-number current">1</span><a class="page-number" href="/page/2/">2</a><span class="space">&hellip;</span><a class="page-number" href="/page/4/">4</a><a class="extend next" rel="next" href="/page/2/"><i class="ic i-angle-right" aria-label="Next page"></i></a>
    </div>
  </nav>



        </div>
        <div id="sidebar">
          
<div class="inner">

  <div class="panels">
    <div class="inner">
      <div class="contents panel pjax" data-title="Contents">
      </div>
      <div class="related panel pjax" data-title="Related">
      </div>
      <div class="overview panel" data-title="Overview">
        <div class="author" itemprop="author" itemscope itemtype="http://schema.org/Person">
  <img class="image" itemprop="image" alt="cheuncey Zhang"
      data-src="https://cdn.jsdelivr.net/gh/zephyr-cyber/Blog-Gallery@main//blog-img/16f8bec9f7fbb60bf0c3a1d2fa12affd.jpeg">
  <p class="name" itemprop="name">cheuncey Zhang</p>
  <div class="description" itemprop="description">刻意练习</div>
</div>

<nav class="state">
    <div class="item posts">
      <a href="/archives/">
        <span class="count">49</span>
        <span class="name">posts</span>
      </a>
    </div>
    <div class="item categories">
      <a href="/categories/">
        <span class="count">20</span>
        <span class="name">categories</span>
      </a>
    </div>
    <div class="item tags">
      <a href="/tags/">
        <span class="count">16</span>
        <span class="name">tags</span>
      </a>
    </div>
</nav>

<div class="social">
      <span class="exturl item github" data-url="aHR0cHM6Ly96ZXBoeXItY3liZXIuZ2l0aHViLmlv" title="https:&#x2F;&#x2F;zephyr-cyber.github.io"><i class="ic i-github"></i></span>
      <span class="exturl item twitter" data-url="aHR0cHM6Ly90d2l0dGVyLmNvbS8=" title="https:&#x2F;&#x2F;twitter.com&#x2F;"><i class="ic i-twitter"></i></span>
      <span class="exturl item zhihu" data-url="aHR0cHM6Ly93d3cuemhpaHUuY29tL3Blb3BsZS8=" title="https:&#x2F;&#x2F;www.zhihu.com&#x2F;people&#x2F;"><i class="ic i-zhihu"></i></span>
      <span class="exturl item music" data-url="aHR0cHM6Ly9tdXNpYy4xNjMuY29tLyMvbXkvbS9tdXNpYy9wbGF5bGlzdD9pZD0yMjI2MDQ2MDI3" title="https:&#x2F;&#x2F;music.163.com&#x2F;#&#x2F;my&#x2F;m&#x2F;music&#x2F;playlist?id&#x3D;2226046027"><i class="ic i-cloud-music"></i></span>
      <span class="exturl item weibo" data-url="aHR0cHM6Ly93ZWliby5jb20v" title="https:&#x2F;&#x2F;weibo.com&#x2F;"><i class="ic i-weibo"></i></span>
      <span class="exturl item about" data-url="aHR0cHM6Ly9hYm91dC5tZS8=" title="https:&#x2F;&#x2F;about.me&#x2F;"><i class="ic i-address-card"></i></span>
      <span class="exturl item email" data-url="bWFpbHRvOjEzMjc4MzcwMzFAcXEuY29tLmNvbQ==" title="mailto:1327837031@qq.com.com"><i class="ic i-envelope"></i></span>
      <span class="exturl item facebook" data-url="aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tLw==" title="https:&#x2F;&#x2F;www.facebook.com&#x2F;"><i class="ic i-facebook"></i></span>
      <span class="exturl item stackoverflow" data-url="aHR0cHM6Ly9zdGFja292ZXJmbG93LmNvbS8=" title="https:&#x2F;&#x2F;stackoverflow.com&#x2F;"><i class="ic i-stack-overflow "#1e88e5""></i></span>
      <span class="exturl item youtube" data-url="aHR0cHM6Ly95b3V0dWJlLmNvbS8=" title="https:&#x2F;&#x2F;youtube.com&#x2F;"><i class="ic i-youtube  "#e60026""></i></span>
      <span class="exturl item instagram" data-url="aHR0cHM6Ly9pbnN0YWdyYW0uY29tLw==" title="https:&#x2F;&#x2F;instagram.com&#x2F;"><i class="ic i-instagram "#1e88e5""></i></span>
      <span class="exturl item skype" data-url="c2t5cGU6MTIzP2NhbGx8Y2hhdA==" title="skype:123?call|chat"><i class="ic i-skype "#1e88e5""></i></span>
      <span class="exturl item douban" data-url="aHR0cHM6Ly93d3cuZG91YmFuLmNvbS9wZW9wbGUv" title="https:&#x2F;&#x2F;www.douban.com&#x2F;people&#x2F;"><i class="ic i-douban "#191717""></i></span>
</div>

<ul class="menu">
  
    
  <li class="item">
    <a href="/" rel="section"><i class="ic i-home"></i>Home</a>
  </li>

    
  <li class="item">
    <a href="/about/" rel="section"><i class="ic i-user"></i>About</a>
  </li>

        
  <li class="item dropdown">
      <a href="javascript:void(0);"><i class="ic i-feather"></i>Posts</a>
    <ul class="submenu">

        
  <li class="item">
    <a href="/archives/" rel="section"><i class="ic i-list-alt"></i>Archives</a>
  </li>

        
  <li class="item">
    <a href="/categories/" rel="section"><i class="ic i-th"></i>Categories</a>
  </li>

        
  <li class="item">
    <a href="/tags/" rel="section"><i class="ic i-tags"></i>Tags</a>
  </li>

  </ul>
    
  <li class="item">
    <a href="/friends/" rel="section"><i class="ic i-heart"></i>Friends</a>
  </li>

    
  <li class="item">
    <a href="/films/" rel="section"><i class="ic i-heart"></i>films</a>
  </li>

    
  <li class="item">
    <a href="/fun-links/" rel="section"><i class="ic i-android"></i>fun-links</a>
  </li>


</ul>

      </div>
    </div>
  </div>

  <ul id="quick">
    <li class="prev pjax">
    </li>
    <li class="up"><i class="ic i-arrow-up"></i></li>
    <li class="down"><i class="ic i-arrow-down"></i></li>
    <li class="next pjax">
        <a href="/page/2/" rel="next" title="Next Post"><i class="ic i-chevron-right"></i></a>
    </li>
    <li class="percent"></li>
  </ul>
</div>

        </div>
        <div class="dimmer"></div>
      </div>
    </main>
    <footer id="footer">
      <div class="inner">
        <div class="widgets">
          
<div class="rpost pjax">
  <h2>Random Posts</h2>
  <ul>
      
  <li class="item">
    
<div class="breadcrumb">
<a href="/categories/computer-science/" title="In computer-science">computer-science</a>
</div>

    <span><a href="/MiniLCTF_2021%E9%A2%98%E8%A7%A3/" title="MiniLCTF_2021题解">MiniLCTF_2021题解</a></span>
  </li>

      
  <li class="item">
    
<div class="breadcrumb">
<a href="/categories/computer-science/" title="In computer-science">computer-science</a>
<i class="ic i-angle-right"></i>
<a href="/categories/computer-science/Reverse/" title="In Reverse">Reverse</a>
</div>

    <span><a href="/computer-science/Reverse/reverse/" title="学习Reverse">学习Reverse</a></span>
  </li>

      
  <li class="item">
    
<div class="breadcrumb">
</div>

    <span><a href="/long-title/" title="Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam justo turpis, tincidunt ac convallis id.">Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam justo turpis, tincidunt ac convallis id.</a></span>
  </li>

      
  <li class="item">
    
<div class="breadcrumb">
</div>

    <span><a href="/gallery-post/" title="Gallery Post">Gallery Post</a></span>
  </li>

      
  <li class="item">
    
<div class="breadcrumb">
<a href="/categories/computer-science/" title="In computer-science">computer-science</a>
</div>

    <span><a href="/MiniLCTF_2020%E9%A2%98%E8%A7%A3/" title="MiniLCTF_2020题解">MiniLCTF_2020题解</a></span>
  </li>

      
  <li class="item">
    
<div class="breadcrumb">
<a href="/categories/computer-science/" title="In computer-science">computer-science</a>
<i class="ic i-angle-right"></i>
<a href="/categories/computer-science/Pwn/" title="In Pwn">Pwn</a>
</div>

    <span><a href="/computer-science/Pwn/pwn/" title="pwn学习(1)">pwn学习(1)</a></span>
  </li>

      
  <li class="item">
    
<div class="breadcrumb">
</div>

    <span><a href="/%E6%97%A5%E6%9C%AC%E8%AA%9E%E3%83%86%E3%82%B9%E3%83%88/" title="日本語テスト">日本語テスト</a></span>
  </li>

      
  <li class="item">
    
<div class="breadcrumb">
</div>

    <span><a href="/pwn/" title="pwn学习(1)">pwn学习(1)</a></span>
  </li>

      
  <li class="item">
    
<div class="breadcrumb">
<a href="/categories/%E8%AE%A1%E7%AE%97%E6%9C%BA%E7%A7%91%E5%AD%A6/" title="In 计算机科学">计算机科学</a>
<i class="ic i-angle-right"></i>
<a href="/categories/%E8%AE%A1%E7%AE%97%E6%9C%BA%E7%A7%91%E5%AD%A6/%E4%BA%8C%E8%BF%9B%E5%88%B6%E6%9D%82%E8%B0%88/" title="In 二进制杂谈">二进制杂谈</a>
<i class="ic i-angle-right"></i>
<a href="/categories/%E8%AE%A1%E7%AE%97%E6%9C%BA%E7%A7%91%E5%AD%A6/%E4%BA%8C%E8%BF%9B%E5%88%B6%E6%9D%82%E8%B0%88/Theme-Shoka-Documentation/" title="In Theme Shoka Documentation">Theme Shoka Documentation</a>
</div>

    <span><a href="/computer-science/note/theme-shoka-doc/config/" title="Step.2 基本配置">Step.2 基本配置</a></span>
  </li>

      
  <li class="item">
    
<div class="breadcrumb">
</div>

    <span><a href="/markdown/" title="Markdown Style test">Markdown Style test</a></span>
  </li>

  </ul>
</div>
<div>
  <h2>Recent Comments</h2>
  <ul class="leancloud-recent-comment"></ul>
</div>

        </div>
        <div class="status">
  <div class="copyright">
    
    &copy; 2010 – 
    <span itemprop="copyrightYear">2022</span>
    <span class="with-love">
      <i class="ic i-sakura rotate"></i>
    </span>
    <span class="author" itemprop="copyrightHolder">cheuncey Zhang @ Canary</span>
  </div>
  <div class="count">
    <span class="post-meta-item-icon">
      <i class="ic i-chart-area"></i>
    </span>
    <span title="Symbols count total">166k words</span>

    <span class="post-meta-divider">|</span>
    <span class="post-meta-item-icon">
      <i class="ic i-coffee"></i>
    </span>
    <span title="Reading time total">2:31</span>
  </div>
  <div class="powered-by">
    Powered by <span class="exturl" data-url="aHR0cHM6Ly96ZXBoeXItY3liZXIuZ2l0aHViLmlv">Canary</span> & Inspire.<span class="exturl" data-url="aHR0cHM6Ly96ZXBoeXItY3liZXIuZ2l0aHViLmlv">taotaotao!</span>
  </div>
</div>

      </div>
    </footer>
  </div>
<script data-config type="text/javascript">
  var LOCAL = {
    path: '',
    favicon: {
      show: "（●´3｀●）Goooood",
      hide: "(´Д｀)Booooom"
    },
    search : {
      placeholder: "Search for Posts",
      empty: "We didn't find any results for the search: ${query}",
      stats: "${hits} results found in ${time} ms"
    },
    valine: true,fancybox: true,
    copyright: 'Copied to clipboard successfully! <br> All articles in this blog are licensed under <i class="ic i-creative-commons"></i>BY-NC-SA.',
    ignores : [
      function(uri) {
        return uri.includes('#');
      },
      function(uri) {
        return new RegExp(LOCAL.path+"$").test(uri);
      }
    ]
  };
</script>

<script src="https://cdn.polyfill.io/v2/polyfill.js"></script>

<script src="//cdn.jsdelivr.net/combine/npm/pace-js@1.0.2/pace.min.js,npm/pjax@0.2.8/pjax.min.js,npm/whatwg-fetch@3.4.0/dist/fetch.umd.min.js,npm/animejs@3.2.0/lib/anime.min.js,npm/algoliasearch@4/dist/algoliasearch-lite.umd.js,npm/instantsearch.js@4/dist/instantsearch.production.min.js,npm/lozad@1/dist/lozad.min.js,npm/quicklink@2/dist/quicklink.umd.js"></script>

<script src="/js/app.js?v=0.2.5"></script>




</body>
</html>
